===================================================================================================
创建sshd目录
[root@localhost sshd]# docker images
REPOSITORY TAG IMAG ID CREATED SIZE
centos 2 e06c81931dd5 15 minutes ago 589MB
[root@localhost ~]# mkdir sshd
[root@localhost ~]# cd sshd/
[root@localhost sshd]# vim run.sh
#!/bin/bash
/usr/sbin/sshd -D创建密钥对
[root@localhost sshd]# ssh-keygen
[root@localhost sshd]# cat ~/.ssh/id_rsa.pub > ./authorized_keys
[root@localhost sshd]# ls
authorized_keys run.sh
[root@localhost sshd]# cp /etc/pam.d/sshd ./ #将sshd文件移到当前目录便于查找
[root@localhost sshd]# vim sshd
#session required pam_loginuid.so #注释这条
编写Dockfile
[root@localhost sshd]# vim Dockerfile
ROM centos:2
MAINTAINER from crushlinux
RUN mkdir -p /var/run/sshd
RUN mkdir -p /root/.ssh
ADD sshd /etc/pam.d/sshd
RUN ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key
RUN ssh-keygen -t dsa -f /etc/ssh/ssh_host_dsa_key
ADD authorized_keys /root/.ssh/authorized_keys
ADD run.sh /run.sh
RUN chmod 775 /run.sh
EXPOSE 22
CMD ["/run.sh"]
构建:
[root@localhost sshd]# docker build -t sshd:1 .
Sending build context to Docker daemon 5.632kB Step 1/12 : FROM centos:2 ---> e06c81931dd5 Step 2/12 : MAINTAINER from crushlinux ---> [Warning] IPv4 forwarding is disabled. Networking will not work. ---> Running in 6e769288fa3f --- 此处省略 -------- Successfully built 86902c3345cf Successfully tagged sshd:1
有两个Successfully表示构建成功
如果构建报错检查Dockerfile文件和centos(589M)是否有问题
[root@localhost sshd]# docker images #此时多了一个sshd的镜像
REPOSITORY TAG IMAGE ID CREATED SIZE
sshd 1 86902c3345cf 14 minutes ago 589MB
centos 2 e06c81931dd5 15 minutes ago 589MB
做端口映射:
[root@localhost docker]# docker run -p 2222:22 -itd sshd:1 /bin/bash #这里我做映射因为22端口被占用了
26a9e42b2aa72e5bdc1879cb44c74d5948e3b3067d349d8f4d549e1d2a978836
[root@localhost docker]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
26a9e42b2aa7 sshd:1 "/bin/bash" 6 seconds ago Up 4 seconds 0.0.0.0:2222->22/tcp quizzical_cray
查看sshd服务是否开启
[root@localhost docker]# netstat -lnpt | grep 2222
tcp6 0 0 :::2222 :::* LISTEN 34096/docker-proxy
通过ssh连接2222端口
[root@localhost sshd]# ssh 192.168.200.100 -p 2222
The authenticity of host '[192.168.200.100]:2222 ([192.168.200.100]:2222)' can't be established.
RSA key fingerprint is SHA256:3wIiRcP5B1vB5gDSo4XMGJY/8g0VJO1e1tsZUDIMLDc.
RSA key fingerprint is MD5:8a:69:eb:d3:24:04:bd:c6:42:3e:7b:fb:40:15:dc:2d.
Are you sure you want to continue connecting (yes/no)? yes #第一次需要确认连接
Warning: Permanently added '[192.168.200.100]:2222' (RSA) to the list of known hosts.